The Onion Routing (TOR) Frequently Asked Questions -------------------------------------------------- 1. General. 1.1. What is tor? Tor is an implementation of version 2 of Onion Routing. Onion Routing is a connection-oriented anonymizing communication service. Users build a layered block of asymmetric encryptions (an "onion") which describes a source-routed path through a set of nodes. Those nodes build a "virtual circuit" through the network, in which each node knows its predecessor and successor, but no others. Traffic flowing down the circuit is unwrapped by a symmetric key at each node which reveals the downstream node. Basically tor provides a distributed network of servers ("onion routers"). Users bounce their tcp streams (web traffic, ftp, ssh, etc) around the routers, and recipients, observers, and even the routers themselves have difficulty tracking the source of the stream. 1.2. Why's it called tor? Because tor is the onion routing system. I kept telling people I was working on onion routing, and they said "Neat. Which one?" Even if onion routing has become a standard household term, this is the actual onion routing project, started out of the Naval Research Lab. (Theories about recursive acronyms are ok too.) 2. Compiling and installing. [Read the README file for now; check back here once we've got packages/etc for you.] 3. Running tor. 3.1. What's this about roles? What kind of server should I run? The same executable ("or") functions as both client and server, depending on the value of the config variable named 'Role'. Role represents a combination of which tasks this particular tor server will do. The default Role (role 15) is an onion router: it listens for onion routers, listens for onion proxies, listens for application proxies, and it connects to all other onion routers it learns about. A directory server (role 63) does all of the above and also serves directory requests. A simple onion proxy, on the other hand (role 8), only listens for application proxies. See part 3.1 of the HACKING document for more technical details. 3.2. So I can just run a full onion router and join the network? No. Users should run just an onion proxy (use the 'oprc' config file). If you start up a full onion router, the rest of the routers in the system won't recognize you, so they will reject your handshake attempts. 3.3. How do I join the network then? If you just want to use the onion routing network, you can run a proxy and you're all set. If you want to run a router, you must convince the directory server operators (currently arma@mit.edu) that you're a trustworthy person. From there, the operators add you to the directory, which propagates out to the rest of the network. All nodes will know about you within an hour. 3.4. I want to run a directory server too. If you run a very reliable node, you plan to be around for a long time, and you want to spend some time ensuring that router operators are people we know and like, we may want you to run a directory server too. We must manually add you to the 'dirservers' file that's part of the distribution; users will only know about you when they upgrade to a new version. Of course, you can always just start up your router as a directory server too --- but users won't know to ask you for directories, and more importantly, you'll never learn from the real directory servers about recently joined routers. 4. Development. 4.1. Who's doing this? 4.2. Can I help? 4.3. I've got a bug. 5. Anonymity. 5.1. So I'm totally anonymous if I use tor? 5.2. Where can I learn more about anonymity? 6. Comparison to related projects. 6.1. Onion Routing. Tor *is* onion routing. 6.2. Freedom. 7. Protocol and application support. 7.1. http? ftp? udp? socks? mozilla?